Secondlinethemes
secondlinethemes
4 CVEs • 3 products
Products (3)
Click to collapseToggle
Products (3)
Click to collapse
CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Secondlinethemes 1Podcast Subscribe Buttons Jun 17, 2026 Oct 20, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Podcast Subscribe Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'podcast_subscribe' shortcode in versions up to, and including, 1.4.8 due to insufficient input sanitization and output...Show more |
1Secondlinethemes 1Auto Youtube Importer Jun 17, 2026 May 22, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in SecondLineThemes Auto YouTube Importer plugin <= 1.0.3 versions. |
1Secondlinethemes 1Podcast Importer Secondline Jun 17, 2026 Apr 11, 2022 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not sanitise and properly escape some imported data, which could allow SQL injection attacks to be performed by imported a malicious podcast file |
1Secondlinethemes 1Podcast Subscribe Buttons Jun 17, 2026 Oct 18, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The Podcast Subscribe Buttons WordPress plugin before 1.4.2 allows users with any role capable of editing or adding posts to perform stored XSS. |